summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorthomascube <thomas@roundcube.net>2008-11-03 07:44:33 +0000
committerthomascube <thomas@roundcube.net>2008-11-03 07:44:33 +0000
commit6e47c0be5c3b59cedbda8da8d708e69534964de2 (patch)
treedb7d91d5574c6b0d0a1dc9edca487e2878120674
parenta9ab9fd5707c86242b09c610e235500102d4a0dd (diff)
Handle magic_quotes on runtime and remove them from the requirements list (#1485285)
-rw-r--r--INSTALL2
-rw-r--r--installer/welcome.html1
-rw-r--r--program/include/main.inc5
3 files changed, 4 insertions, 4 deletions
diff --git a/INSTALL b/INSTALL
index 2a68dc8d6..0c3b05dee 100644
--- a/INSTALL
+++ b/INSTALL
@@ -21,8 +21,6 @@ REQUIREMENTS
- memory_limit (increase as suitable to support large attachments)
- file_uploads enabled (for attachment upload features)
- session.auto_start disabled
- - magic_quotes_gpc disabled
- - magic_quotes_sybase disabled
- zend.ze1_compatibility_mode disabled
* PHP compiled with OpenSSL to connect to IMAPS and to use the spell checker
* A MySQL or PostgreSQL database engine or the SQLite extension for PHP
diff --git a/installer/welcome.html b/installer/welcome.html
index bfec23337..0c6805a11 100644
--- a/installer/welcome.html
+++ b/installer/welcome.html
@@ -22,7 +22,6 @@
<li>error_reporting E_ALL &amp; ~E_NOTICE (or lower)</li>
<li>file_uploads on (for attachment upload features)</li>
<li>session.auto_start needs to be off</li>
- <li>magic_quotes_gpc off</li>
</ul>
</li>
<li>A MySQL or PostgreSQL database engine or the SQLite extension for PHP</li>
diff --git a/program/include/main.inc b/program/include/main.inc
index 8eb2c81f5..4ed25afaf 100644
--- a/program/include/main.inc
+++ b/program/include/main.inc
@@ -420,8 +420,11 @@ function get_input_value($fname, $source, $allow_html=FALSE, $charset=NULL)
$value = $_COOKIE[$fname];
}
+ // strip single quotes if magic_quotes_sybase is enabled
+ if (ini_get('magic_quotes_sybase'))
+ $value = str_replace("''", "'", $value);
// strip slashes if magic_quotes enabled
- if ((bool)get_magic_quotes_gpc())
+ else if (get_magic_quotes_gpc() || get_magic_quotes_runtime())
$value = stripslashes($value);
// remove HTML tags if not allowed